All Posts
429 TopicsFindTime, your favorite scheduling add-in just got better!
We heard you and so we re-wrote the entire back-end infrastructure for FindTime, we built a new service within the Office 365 compliance boundary! More specifically, the organizer’s poll data is now stored in their mailbox and will not leave your tenant’s environment.23KViews7likes21CommentsLet's talk about Server Extension Objects (SEO)
I’ve worked for Microsoft for about 8 years, all in the Exchange group, and I really enjoy it. The people who work here are bright, self-motivated, and we have the resources we need to get our jobs done. It feels great to ship world-class products that our customers love. However, not everything is perfect, it never is. As my father-in-law once said, “It’s not all grapes and gravy.” For example, the engineering group must work well together with the user education group to produce documentation that lets customers easily get the most out of the software we’ve produced. The single most frustrating episode I’ve endured has to do with the documentation for SEO, or the relative lack thereof. It’s not like I’m free of blame here, I worked on SMTP when these Server Extension Objects (SEO) were first implemented many years ago. So without further adieu, let’s talk about what I think should have been documented about SEO. Please read on, if you’d like to learn a little bit more about a soon-to-be obsolete technology (it will remain in some SKUs of Windows SMTP, but will be replaced in E12), and help me get something off my mind at the same time. Let’s first describe SEO a bit. SEO is a COM-based technology that allows customization of the Windows SMTP service. In the SEO model, information flows from the source (the SMTP server) to the sink (the SEO COM object), whenever an interesting event in processing an SMTP connection is reached. After the SMTP server is finished calling all the sinks, it then proceeds with handling the SMTP session, guided by the actions of the sinks. The last piece of the puzzle is the event bindings database, where the ordered collection of sinks to call for each processing event is persisted. One piece of code that customizes the Windows SMTP service is Exchange 2000/2003. Without the customization and extension made possible by SEO, Exchange would not be the compelling mail server that it is. So let’s pick apart the parts of the IIS metabase that contains the SEO information, and we’ll discover an object model along the way. To get us started, let’s use the adsutil.vbs script that comes with an IIS install, to inspect the “eventmanager” part of the metabase. If you run “cscript.exe %systemdrive%\inetpub\adminscripts\adsutil.vbs /enum_all eventmanager” you’ll see a big bunch of unintelligible output. Let’s dissect just a fraction of it: [/eventmanager/SourceTypes/{FB65C4DC-E468-11D1-AA67-00C04FA345F6}/EventTypes/{F6628C8D-0D5E-11d2-AA68-00C04FA35B82}] What does this mean? The first GUID can be seen in the public SDK file SmtpGuid.h, where it is given the name g_szGuidSmtpSourceType. The second GUID, located in the same file, corresponds with g_szcatidSmtpOnInboundCommand. To understand the rest of the string, we need to take a quick peek at the SEO object model. The root object here is IEventManager, which has a programmatic ID of “Event.Manager”, and is reflected in the “eventmanager” string. This object is the one you create and use to get at all the rest of the SEO entities. The IEventManager object contains an IEventSourceTypes object (please notice the “s” at the end here, we’ll see other similarly-named collection classes later), and the IEventSourceTypes object just contains a collection of IEventSourceType objects. Each IEventSourceType object contains an IEventTypes object, which, of course, just contains a set of IEventType objects. So, if we re-parse the string above, we can read it as telling us that the IEventManager contains an IEventSourceType with the ID {FB65C4DC-E468-11D1-AA67-00C04FA345F6}, and that this source knows how to generate {F6628C8D-0D5E-11d2-AA68-00C04FA35B82}, or g_szcatidSmtpOnInboundCommand, events. The rest of the info in the eventmanager part of the IIS metabase serves the same purpose, to define the two sources of SEO events, the SMTP and NNTP server, and to list the types of events that each source may generate. The other SEO information, which describes which consumers are to be called for which SEO event types, and in what order, is located in other parts of the metabase. For example, the first SMTP virtual server has its SEO information listed under smtpsvc/1/eventmanager. So if you type “cscript.exe %systemdrive%\inetpub\adminscripts\adsutil.vbs enum_all smtpsvc/1/eventmanager”, you’ll see info like [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings/{2EFF593B-5451-4D20-891C-1D32BFE95A1C}] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings/{2EFF593B-5451-4D20-891C-1D32BFE95A1C}/DisplayName] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings/{2EFF593B-5451-4D20-891C-1D32BFE95A1C}/SinkClass] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings/{2EFF593B-5451-4D20-891C-1D32BFE95A1C}/SourceProperties] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings/{2EFF593B-5451-4D20-891C-1D32BFE95A1C}/SourceProperties/priority] [/smtpsvc/1/eventmanager/EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82}/Bindings/{2EFF593B-5451-4D20-891C-1D32BFE95A1C}/SourceProperties/rule] What could this mean? The first portion of the string -- /smtpsvc/1/eventmanager/ -- just lets us know we are looking at the IEventSource for the first SMTP virtual server instance. Note that there is a difference between an IEventSourceType and an IEventSource. The IEventSourceType is an abstract, like “SMTP server”, while the IEventSource is a literal instance, like “the first SMTP virtual server instance on this machine”. The next part of the string -- EventTypes/{F6628C8F-0D5E-11d2-AA68-00C04FA35B82} -- tells us we are looking at the g_szcatidSmtpOnInboundCommand event type. To understand the rest of the string, we need to hearken back to the SEO object model, which defines the IEventSource as containing an IEventBindingManager object. The IEventBindingManager object is used to read, write, create, and destroy IEventBinding objects. There is one IEventBinding object contained in the metabase for each point of customization between the SMTP server and external code. The event binding is how this customization is persisted when IIS is recycled or the system restarted. Finally, the IEventBinding object contains an IEventPropertyBag object, which allows the event binding to contain additional information about itself. Now that we know a little more, we can look at the second fragment of output and see that it’s referring to information regarding an SEO binding. The binding is attached to the first virtual SMTP server instance, and it’s for the SmtpOnInboundCommand event type. The binding has a few properties, too. But why can’t we see more? It turns out that the adsutil.vbs script makes use of the ADSI schema for the metabase to understand and display the data contained in the metabase. The SEO information is not contained in the ADSI schema, and so doesn’t display much interesting information at all. If we run the “displaybindings” script (see near the end of this posting for the full vbs script), we’ll see some more descriptive detail displayed: \Source Types\Sources\Bindings\{F6628C8D-0D5E-11d2-AA68-00C04FA35B82} Display Name = SMTP Protocol OnInboundCommand ID = {2EFF593B-5451-4D20-891C-1D32BFE95A1C} priority = 9000 rule = X-EXPS SinkClass = Exchange.PS-EXPS DisplayName = Exchange SMTP Protocol Security EXPS Sink The SEO information looks a little nicer. We have a bit more context given to the GUIDs, and we can see all of the properties and their values. All of the other information under /smtpsvc/1/eventmanager/ is there for the same purpose, to describe event bindings. Now we’ve looked at the SEO object model a bit, as well as pulled apart the SEO information in the metabase. And we’ve mentioned that SEO is not part of our future product shipments. I would describe ways you can use SEO to improve your system, but there really aren’t any. SEO information should just be left alone, there is nothing to be gained from tweaking it. So just as we’ve started, we’re already done. If you have more questions about SEO, or the customization that can be gained from working with it, take a look at MSDN, and let us know if you have any more questions. It was interesting, from my side, to get this technology out into the world, and it would be interesting to hear from you how you’re using it. Here is the content of the displaybindings vbs script: Option Explicit ' ' \nt\private\inet\iis\staxinc\export\smtpdisp.idl ' Const catidPtSourceType = "{FB65C4DC-E468-11D1-AA67-00C04FA345F6}" Const catidPtSmtpSvc = "{1B3C0666-E470-11D1-AA67-80C04FA345F6}" REM ======================================================================================================== REM Function: REM e -- keystroke saver for WScript.Echo REM REM Arguments: REM strMessage -- message to echo to screen REM REM ======================================================================================================== Sub e (strMessage) WScript.Echo strMessage End Sub REM ======================================================================================================== REM Function: REM WriteCollection -- echoes a property bag REM REM Arguments: REM objCollection -- object to write (must implement _NewEnum) REM REM ======================================================================================================== Sub WriteCollection(objCollection) Dim strProperty For Each strProperty In objCollection If IsObject(objCollection(strProperty)) Then WriteCollection objCollection(strProperty) Else e strProperty & " = " & objCollection(strProperty) End If Next End Sub Function GetEventTypeDesc(strEventType) On Error Resume Next Dim strRetVal Dim objComCat Set objComCat = CreateObject("Event.ComCat") strRetVal = objComCat.GetCategoryDescription(strEventType,0) If(0 = Len(strRetVal)) Then strRetVal = "Unknown (" & strEventType & ")" End If Set objComCat = Nothing GetEventTypeDesc = strRetVal End Function Dim objEventManager Dim objEventUtil Dim GUID_SourceGuid Dim strEventType Dim objBindingManager Dim objBindings Dim objBinding Dim strEventTypeDesc ' ' create server event objects ' Set objEventManager = CreateObject("Event.Manager") Set objEventUtil = CreateObject("Event.Util") ' ' make source guid for instance 1 ' GUID_SourceGuid = objEventUtil.GetIndexedGUID(catidPtSmtpSvc,CLng(1)) ' ' get binding manager ' Set objBindingManager = objEventManager.SourceTypes(catidPtSourceType).Sources(GUID_SourceGuid).GetBindingManager ' ' iterate through the event types ' For Each strEventType In objBindingManager strEventTypeDesc = GetEventTypeDesc(strEventType) e "Event Type : " & strEventTypeDesc 'strEventType e "====================================================" Set objBindings = objBindingManager.Bindings(strEventType) For Each objBinding In objBindings WriteCollection objBinding.EventBindingProperties e "" Next e "" Next ' ' cleanup ' Set objEventManager = Nothing Set objEventUtil = Nothing - Ed Prescott1.6KViews0likes4CommentsWhy is OOF an OOF and not an OOO?
Here's an interesting historical question - when we say Out of Office, why does it sometimes get shortened to ‘OOF’? Shouldn’t it be ‘OOO’? Inside Microsoft, ‘OOF’ means not just the message which says you’re Out of Office, but it has grown to mean the act of being Out of the Office too - so you’ll get people putting sticky notes on their door saying ‘OOF Thurs & Fri’ or even people verbally saying things like, "Oh, Kevin’s OOF on vacation for the rest of the week’. I suppose that sounds better than "Oh, Kevin’s OOO on vacation ..." OOF was a command used in the days of Microsoft’s Xenix mail system, which set a user as ‘Out of Facility’ - ie Out of the Office. The usage of the term ‘OOF’ just stuck, as did the term ‘Little r’ (e.g. on an email sent to a distribution list, "Who wants to go to the cinema tonight? Little ‘r’ if you’re interested", meaning reply just to me) - as preserved in Outlook with CTRL+R for Reply, and CTRL+SHIFT+R (aka Big R) for Reply All. Ewan Dalton364KViews37likes8CommentsSupport of DANE and DNSSEC in Office 365 Exchange Online
Microsoftis committedto providing world-classemailsecurity solutionsand the support forthe latestInternetstandards in order to provide advanced email protection for our customers.Today we areannouncing that Exchange Online will be adding support for two new Internet standards specific to SMTP traffic.82KViews25likes30CommentsOutlook REST API beta and Outlook REST API v2.0 Deprecation Notice
Today we are announcing thedeprecation ofthe Outlook REST API betaandOutlook REST API v2.0and that they will be decommissioned on November 30, 2022. Once past this date, the services will be retired, and developers may no longer access them.20KViews2likes3CommentsExBPA v2.1 Released
We are pleased to announce the availability of the Exchange Server Best Practices Analyzer v2.1. The new version can be downloaded from here. Starting next week, for those running ExBPA v2.0, you will be prompted to upgrade to v2.1 the next time the tool is started. List of enhancements included in ExBPA v2.1 - HBA Collection - ExBPA.MSI package now installs the WMI extensions required for querying Host Bus Adaptors through the HBA API. This allows ExBPA to automatically collect configuration and diagnostic information from HBAs such as Emulex, Qlogic and LSI (see attached screenshot). The extensions need to be installed on the Exchange server. Either install ExBPA or the FCInfo tool on the server to enable collection of HBA information. NOTE: Once the extensions are installed on the server, ExBPA will be able to collect the information even when running from a remote workstation. - Performance Baseline - In addition to the regular 'Health Check' scan, a new scan type of 'Health/Performance Check' can be run. This tells the BPA engine to sample key Exchange and Operating System performance counters and produce statistics showing the 90th percentile and maximum value. The list of counters is based upon the Exchange 2003 Performance Troubleshooting whitepaper. The performance statistics will be displayed in the "Baseline" report once the scan has completed. By default, 240 samples will be taken at 30 second intervals (i.e. 2 hour run). These defaults can be overridden with the following registry parameters: Key: HKEY_CURRENT_USER\Software\Microsoft\Exchange\ExBPA Value: PerfSamples Type: DWORD Data: The total number of samples to collect (default: 240) Value: SampleInterval Type: DWORD Data: The time to wait between each sample (default: 30) NOTES: 1. The time estimation in the UI is fixed at 2 hours, it does not take into account any registry overrides. 2. ExBPA uses a global 3-hour timeout for processing each Exchange server. If you wish to increase the sample time beyond 2.5 hours, a modification will be necessary to the ExBPA.Config.xml. (MaxTime="ALL,180;..."). 3. The percentage complete values shown during scanning are based on object completions. As the sampling process is implemented as a single object, the server completion state will appear to 'stick' between 35 and 40% for the 2-hour sampling period. This is expected. 4. It is possible to sample multiple servers at the same time. However, you should keep the number of servers in scope to a minimum (e.g. less than 10) 5. Unlike the regular 'Health Check' it is important to run the new 'Health/Performance Check' when the Exchange server is at its busiest. As ExBPA uses the performance data helper (pdh) library to sample counters, the overheads on the server should be no greater than regular sampling with performance monitor (sysmon). To reduce overheads, it is recommended that you run ExBPA from a workstation rather than the server console. 6. In the initial ExBPA v2.1 release, Error and Warning rules have not been implemented for performance data. These will be introduced in a web update. 7. The sample data is stored as a comma-separated list embedded within the output XML. The ExBPA UI does not support the graphing of this data, or direct conversion to performance monitor log format. The overhead of collecting and storing the data is small. For example, scanning an organization containing a single Exchange 2003/Windows 2003 server: Health Check - 2,938 KB Health/Performance Check - 3,078 KB - Cluster Reporting - Reports such as the 'Full Issues List' separates physical nodes from the virtual server. The new format makes it easier to identify issues that need to be corrected on individual physical nodes. - Wildcard Collection - The BPA engine now supports wildcard collection from the registry. This enables a new set of rules, in particular exclusion settings for file-level antivirus products and Windows firewall configuration. - Latest Rules - Includes the latest Config XML file (rules database). Over 100 new rules have been introduced in v2.1 - see the list at the end of this e-mail. Specific areas of improvement include the recipient update service, third-party anti-virus checking, and debug settings. In addition to the new rules, over 30 existing rules have been reconditioned to provide better clarity. - Better Screen Layout - The size of the main report window is now based on the screen resolution rather than fixed at 800x600. - Scan Selection Information - When viewing the list of previous scans, the Config XML version used for the collection is now displayed in the details panel. - UDP Support - In addition to TCP, the new version of the tool can connect to ports using UDP. For example, new rules use this function to test the availability of WINS servers. - Checksum Operations - The BPA engine now supports the calculation of MD5 checksums. While the current rules database does not utilize this feature, it can be enabled in the future without updating the binaries. Bug fixes - Command-line parameters used with EXBPACMD are now case-insensitive. - For automatic updates, the tool now uses IE configuration settings if the default proxy server is not available. - Better handling of Date/Time formats. - Export functionality no longer deletes the original output XML file. - The language of the tool is no longer derived from the regional settings. Instead, the OS language is used. - Clearer instructions for when the scheduler can be used. Other notes - ExBPA v2.1 is available for U.S. English only. Other languages will be refreshed later on in the year. - In-place upgrades from ExBPA v2.0 to v2.1 are supported. - The build number for ExBPA v2.1 is 7599 (Displayed as 2.1.7599.0 in the ExBPA UI. Files on disk will be version 6.5.7599.0). List of new rules introduced in ExBPA v2.1 We thought it might be interesting to you to see new rules in this release; some releases have more rules and some less, but new rules are direct result of feedback that we get on the tool: More than 800 address lists are present More than 800 global address lists are present Intelligent Message Filter is not installed on one or more servers running Exchange Server 2003 MaxPageSize is set too high Active Directory Connector software update is required Exchange organization has zero recipient policies Exchange organization has zero system policies Everyone security group is not denied the right to create top-level public folders Envelope journaling is enabled Mailbox Enable User system policy change required SMTP address is not defined in the default recipient policy Message routing loop may exist Search filter change required for recipient policy Recipient Update Service software update required Recipient Update Service is inactive Recipient Update Service did not process all changes Recipient Update Service appears to be stalled Recipient Update Service is configured for full rebuild Recipient Update Service full rebuild Offline Address Book generation is set to update continuously Replica of Offline Address Book version 3a not found Replica of Offline Address Book version 2 not found Cannot connect to the routing master on port 25 Cannot connect to the routing master on port 691 networkAddress attribute is not set correctly RPC binding does not contain FQDN Cluster debugging is enabled Single global catalog present in topology Active Directory round-trip response error Server has less than four storage groups but more than four mailbox stores defined Information Store service is configured to interact with desktop Circular logging is disabled Offline address book is not associated with mailbox store Background Cleanup interval for a mailbox store is missing Aging Keep Time interval for database is non-default Default public store is remote Maximum cached views has been modified Maximum cached views is set too low Maximum cached views is set too high Message journaling is enabled Background Cleanup for a mailbox store is non-default Background Cleanup interval for a public folder store is missing Background Cleanup for a public folder store is non-default msExchAlternateServer attribute has been set SMTP server accepts basic authentication Anonymous access is enabled External DNS server is used for SMTP SMTP queue folder and pickup folder are identical Intelligent Message Filter is not enabled on the server Intelligent Message Filter is enabled on the mailbox server Extended SMTP verbs are not available System Attendant service is configured to interact with desktop System Attendant service is not running as LocalSystem Exchange Management service is not running as LocalSystem Performance data from Epoxy Client Out Queue Length (DSAccess) counter Performance data from Epoxy Client Out Queue Length (SMTP) counter Performance data from Epoxy Store Out Queue Length (DSAccess) counter Performance data from Epoxy Store Out Queue Length (SMTP) counter Performance data from SMTP Local Queue Length counter Performance data from SMTP Remote Queue Length counter Performance data from SMTP Categorizer Queue Length counter Performance data from RPC Operations/sec counter Performance data from Virus Scan Queue Length counter Performance data from RPC Requests counter Performance data from RPC Averaged Latency counter Performance data from Average Disk sec/Read counter of the LogicalDisk performance object Performance data from Average Disk sec/Read counter of the PhysicalDisk performance object Performance data from Average Disk sec/Write counter of the LogicalDisk performance object Performance data for Average Disk sec/Write counter Performance data for Log Record Stalls/sec counter Performance data for Log Threads Waiting counter Performance data for Available MBytes counter Performance data for Pages/sec counter Performance data for % Processor Time counter Performance data for Bytes Total/sec counter Performance data from LDAP Read Time counter Performance data from LDAP Search Time counter Update available for McAfee GroupShield 6.0 for Microsoft Exchange Update available for Sybari Antigen 7.5 for Microsoft Exchange Update available for Sybari Antigen 8.0 for Microsoft Exchange Update available for McAfee GroupShield 5.2 for Microsoft Exchange Messageware Plus Pack is installed ASP.NET Rootver is damaged Administrative file shares disabled INO_FLPY.SYS version update available INO_FLTR.SYS version update available The version of the Tcpip.sys file installed on this computer may require a hotfix URLScan is installed Filter update for Intelligent Message Filter is available Windows Server 2003 SP1: Outlook Web Access hotfix is required MTA Stacks service is configured to interact with desktop Exchange resident on domain controller that is not a global catalog server Exchange Server 5.5 resident on Active Directory domain controller Primary WINS server failed to respond Network card checksum offloading is enabled Network card teaming is enabled SiteName is hard-coded RestrictRemoteClients registry key is enabled EnableAuthEpResolution registry key is enabled Application log size The TEMP/TMP variable appears to point to an invalid or inappropriate folder NSI Software Double-Take is installed Windows Management Instrumentation service is not running as LocalSystem BCC journaling is enabled TarpitTime has been implemented ReloadOSInterval is non-default Path for RPC proxy server extension is incorrect DSAccess PreloadBaseDNs registry parameter is non-default DSAccess PreloadFilters registry parameter is non-default AssertOnEvent is set BreakOnEvent is set Debug Break At Startup is set Store working directory is missing or incorrect Please send any questions and feedback toexbpafb AT microsoft.com. Thanks! - The Microsoft Exchange Operational Support Tools Team3.1KViews0likes2Comments"First post!!!" of the Microsoft Exchange team blog
This is a group blog written by folks from the Microsoft Exchange server team. We are developers, testers, program managers, technical writers and product support engineers who work with Exchange. At the end of each blog entry, you'll see the author's name and a link to their bio. The bios of all participants can be seen in the "Team Bios" link on the left as well. We're planning on posting to this blog at least 3 times a week, with tips and tricks about Exchange, the history behind certain features or decisions, and other information about Exchange, Outlook, and email in general. And without further ado, the M drive...3KViews1like5CommentsOffice 365 Message Attribution
When a message arrives at Office 365, one of the first things we need to do is figure out which organization it belongs to. At first, this sounds simple – just look at the recipient, right? Well, it is more complicated than that, because of Hybrid and complex routing scenarios.96KViews16likes12Comments